Bug 510251 (CVE-2009-2408)

Summary: CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly
Product: [Other] Security Response
Reporter: Mark J. Cox <mjc>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: medium
Priority: low
Version: unspecified
CC: kreilly, psplicha, rrelyea, security-response-team, stransky, yoyzhang
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2009-10-13 13:30:35 UTC
Bug Depends On: 230399, 514474, 514916, 565580, 565581, 565584, 565585, 582839
Attachments:
  backported mozbz#480509 (flags: none)
  backported mozbz#484111 (flags: none)

Description Mark J. Cox 2009-07-08 13:40:23 UTC
In his upcoming Blackhat paper and presentation Dan Kaminsky highlights some more issues he has found relating to SSL hash collisions and related vulnerabilities.

His second issue is all about inconsistencies in the interpretation of subject X.509 names in certificates.  Specifically "issue 2, attack 2c" regarding NULL terminators in a Common Name field.  An attacker could create a malicious certificate containing a NULL, which, if they were able to get it signed, could confuse a client into accepting it by mistake.

According to the paper this is said to affect Firefox.
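Added example, not code from this bug or from NSS: it shows the class of confusion the report describes. A DER CN is length-prefixed, so a client that copies it into a C string and compares with strcmp() stops at the first embedded NUL, while a length-aware check rejects any CN containing one. The CN bytes and hostnames below are constructed, not taken from any real certificate.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed CN value as it would arrive from a DER decoder: (pointer, length),
 * with the length covering bytes past an embedded NUL. Not a real certificate. */
static const unsigned char SAMPLE_CN[] = "www.example.com\0.attacker.example";
#define SAMPLE_CN_LEN (sizeof(SAMPLE_CN) - 1)   /* 33 bytes, NUL at offset 15 */

/* Vulnerable pattern: the CN is turned into a C string and compared with strcmp(),
 * so everything after the first NUL is silently ignored. */
bool cn_matches_vulnerable(const unsigned char *cn, size_t cn_len, const char *host)
{
    char buf[256];
    if (cn_len >= sizeof buf)
        return false;
    memcpy(buf, cn, cn_len);
    buf[cn_len] = '\0';
    return strcmp(buf, host) == 0;          /* comparison stops at offset 15 */
}

/* Hardened pattern: refuse any CN with an embedded NUL (no valid hostname has one),
 * then compare the full DER length against the expected host. */
bool cn_matches_hardened(const unsigned char *cn, size_t cn_len, const char *host)
{
    if (memchr(cn, '\0', cn_len) != NULL)
        return false;                       /* embedded NUL: reject outright */
    size_t host_len = strlen(host);
    return cn_len == host_len && memcmp(cn, host, cn_len) == 0;
}

/* Both checks run over the constructed sample against the host it appears to name. */
bool sample_vulnerable_result(void)
{
    return cn_matches_vulnerable(SAMPLE_CN, SAMPLE_CN_LEN, "www.example.com");
}

bool sample_hardened_result(void)
{
    return cn_matches_hardened(SAMPLE_CN, SAMPLE_CN_LEN, "www.example.com");
}

int main(void)
{
    printf("strcmp-based check accepts CN: %d\n", sample_vulnerable_result());  /* 1 */
    printf("length-aware check accepts CN: %d\n", sample_hardened_result());    /* 0 */
    return 0;
}
```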

Comment 1 Mark J. Cox 2009-07-27 07:52:50 UTC
This issue is fixed in upstream NSS 3.12.3 by the following bzs:

        Improper character escaping and unescaping in alg1485.c & secname.c
        https://bugzilla.mozilla.org/show_bug.cgi?id=480509

        Must escape DER DNS names when converting to zStrings
        https://bugzilla.mozilla.org/show_bug.cgi?id=484111

Comment 4 Mark J. Cox 2009-07-30 07:58:09 UTC
This was also found by Moxie and presented in two talks at Blackhat last night.  Moxie was able to get a CA to sign a certificate containing a NULL in the CN name.

Removing embargo.

Comment 5 errata-xmlrpc 2009-07-30 22:09:58 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 4

Via RHSA-2009:1184 https://rhn.redhat.com/errata/RHSA-2009-1184.html

Comment 6 errata-xmlrpc 2009-07-30 22:20:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2009:1186 https://rhn.redhat.com/errata/RHSA-2009-1186.html

Comment 8 errata-xmlrpc 2009-07-31 14:31:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 4.7 Z Stream

Via RHSA-2009:1190 https://rhn.redhat.com/errata/RHSA-2009-1190.html

Comment 9 Martin Stransky 2009-08-03 10:52:01 UTC
Created attachment 355994 [details]
backported mozbz#480509

Comment 10 Martin Stransky 2009-08-03 10:53:29 UTC
Created attachment 355997 [details]
backported mozbz#484111

Comment 11 errata-xmlrpc 2009-08-12 14:31:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5.2 Z Stream

Via RHSA-2009:1207 https://rhn.redhat.com/errata/RHSA-2009-1207.html

Comment 15 errata-xmlrpc 2009-09-09 23:50:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 3

Via RHSA-2009:1432 https://rhn.redhat.com/errata/RHSA-2009-1432.html

Comment 16 Tomas Hoger 2009-10-13 13:30:35 UTC
This was fixed in all affected NSS versions in Red Hat Enterprise Linux 3, 4 and 5 and all current Fedora versions (F10+).